The article discusses key cybersecurity issues to watch in 2026, including the upcoming White House national cyber strategy focused on shaping adversary behavior, the evolving role of AI in cyber defense and threats, the reauthorization of CISA authorities, new cyber incident reporting rules, and leadership gaps within U.S. cybersecurity agencies.
Acting CISA director Madhu Gottumukkala failed a polygraph test, leading to an investigation and suspension of at least six staff members who organized the test, raising concerns about leadership and accountability within the agency amid ongoing personnel and leadership instability.
CISA is participating in the 2026 CyberCorps® Scholarship for Service program, offering 100 summer cybersecurity internships and full-time positions for eligible students and recent graduates, aiming to develop future cyber defense leaders through hands-on federal government experience.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a mandatory update warning for Android devices covering two critical vulnerabilities that could allow remote denial-of-service attacks. Google and Samsung have confirmed fixes; federal users must update by December 23, and everyone else is urged to do the same. The flaws, which primarily affect Samsung devices and involve remote access to device memory, underline the need to apply updates promptly rather than waiting for the next scheduled patch cycle.
CISA has added CVE-2021-26829, an actively exploited cross-site scripting (XSS) vulnerability in OpenPLC ScadaBR, to its Known Exploited Vulnerabilities (KEV) catalog. The addition follows activity by the hacktivist group TwoNet, which used the flaw against a honeypot to deface the system; the intrusion combined default credentials with attacks on the web application itself, a reminder that credential hygiene matters as much as patching on exposed OT interfaces. Federal agencies must patch by December 19, 2025. Separately, a long-running exploitation campaign targeting Brazil has been observed abusing legitimate cloud infrastructure to evade detection.
CISA has ordered U.S. federal agencies to patch a critical Samsung vulnerability (CVE-2025-21042) that has been exploited since July 2024 to deploy the LandFall spyware, with malicious images delivered over WhatsApp; the implant can access extensive on-device data. Samsung patched the flaw in April 2025, but continued in-the-wild exploitation prompted the order, with a federal deadline of December 1. The spyware targets flagship Samsung devices and has been tentatively linked to international espionage activity, again underscoring the cost of delayed updates.
CISA warns of a critical remote command execution vulnerability in CentOS Web Panel (CWP) that is under active exploitation and is urging federal agencies and other organizations to apply the security update by November 25. The flaw lets unauthenticated attackers execute arbitrary commands on the host; it affects CWP versions prior to 0.9.8.1205 and was demonstrated against 0.9.8.1204 on CentOS 7. It was reported in May, patched in June, and has now been added to CISA's Known Exploited Vulnerabilities catalog.
CISA and NSA have issued joint guidance for securing Microsoft Exchange servers following recent vulnerabilities and attacks exploiting Exchange flaws. The guidance emphasizes strong authentication, minimizing the server's attack surface, and decommissioning outdated or unsupported servers. Specific recommendations include migrating to Microsoft 365 where feasible, enabling multi-factor authentication, keeping security patches current, and monitoring for suspicious activity so that intrusions are caught before they become breaches.
CISA has ordered U.S. government agencies to urgently patch a critical Windows Server Update Services (WSUS) vulnerability (CVE-2025-59287) that is being exploited in the wild. Microsoft released out-of-band emergency updates; where those cannot be applied immediately, agencies are advised to disable the WSUS server role (Microsoft's published workaround also covers blocking inbound traffic to the WSUS ports, 8530 and 8531, at the host firewall). With more than 2,800 WSUS instances reachable from the internet, the window for attackers to achieve remote code execution on unpatched servers is real, so patching should not wait.
Homeland Security Secretary Kristi Noem has significantly cut staffing and funding at the Cybersecurity and Infrastructure Security Agency, weakening U.S. cyber defenses despite her public promises to prioritize cybersecurity, raising concerns among experts and lawmakers about increased vulnerability to cyberattacks from adversaries like China and Russia.
CISA added five security flaws to its KEV catalog, among them a weaponized Oracle E-Business Suite vulnerability (CVE-2025-61884) and other critical bugs in Microsoft, Kentico, and Apple products, several of which are actively exploited in the wild. Federal agencies must remediate these vulnerabilities by November 10, 2025.
CISA warns that a high-severity Windows SMB vulnerability (CVE-2025-33073), which allows privilege escalation, is now being actively exploited and affects all recent Windows versions. Microsoft patched it in June 2025, but threat actors have since begun exploiting unpatched systems, prompting CISA to urge federal agencies and other organizations to apply the update immediately to prevent system compromise.
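Several of the items above (the ScadaBR, CWP, Samsung, Oracle and SMB entries) are KEV catalog additions with BOD 22-01 due dates. The script below is an added example, not code from CISA or any of the linked articles: it triages a KEV-style feed against a local asset inventory and ranks what is overdue or due soon. The field names (`cveID`, `vendorProject`, `product`, `dueDate`, `knownRansomwareCampaignUse`) match the public JSON feed, but the feed fragment, the inventory and the `triage` function are constructed for this example; the real feed carries more fields per entry than shown here.

```python
"""Triage CISA KEV entries against a local inventory (added example).

The JSON below is a constructed fragment shaped like CISA's public feed
(https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json);
the CVE IDs and due dates come from the summaries on this page, everything
else (inventory, host names) is hypothetical.
"""
import json
from datetime import date

# Constructed KEV-style feed fragment (same field names as the real feed).
KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "count": 4,
  "vulnerabilities": [
    {"cveID": "CVE-2025-61884", "vendorProject": "Oracle", "product": "E-Business Suite",
     "dueDate": "2025-11-10", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-33073", "vendorProject": "Microsoft", "product": "Windows",
     "dueDate": "2025-11-10", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-21042", "vendorProject": "Samsung", "product": "Mobile Devices",
     "dueDate": "2025-12-01", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2021-26829", "vendorProject": "OpenPLC", "product": "ScadaBR",
     "dueDate": "2025-12-19", "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""

# Hypothetical inventory: a product keyword mapped to the hosts running it.
INVENTORY = {
    "Oracle E-Business Suite": ["ebs-prod-01"],
    "Windows": ["dc-01", "file-02", "wsus-01"],
    "Samsung": ["tablet-ops-07"],
    # No ScadaBR deployed, so CVE-2021-26829 should not appear in the result.
}


def load_kev(text):
    """Parse the feed and return the list of vulnerability records."""
    return json.loads(text)["vulnerabilities"]


def triage(kev_text, inventory, today, horizon_days=14):
    """Return KEV entries that touch something in `inventory`, annotated with
    days until the BOD 22-01 due date (negative = overdue) and sorted so the
    most urgent come first.  Matching is a case-insensitive substring test of
    the inventory keyword against "vendor product" from the feed."""
    hits = []
    for v in load_kev(kev_text):
        key = f"{v['vendorProject']} {v['product']}".lower()
        hosts = [h for kw, hs in inventory.items() if kw.lower() in key for h in hs]
        if not hosts:
            continue  # nothing in scope runs this product
        days_left = (date.fromisoformat(v["dueDate"]) - today).days
        if days_left < 0:
            status = "overdue"
        elif days_left <= horizon_days:
            status = "due_soon"
        else:
            status = "scheduled"
        hits.append({
            "cve": v["cveID"], "product": key, "due": v["dueDate"],
            "days_left": days_left, "status": status, "hosts": hosts,
            "ransomware": v.get("knownRansomwareCampaignUse", "Unknown"),
        })
    hits.sort(key=lambda h: h["days_left"])  # stable: feed order breaks ties
    return hits


if __name__ == "__main__":
    for h in triage(KEV_JSON, INVENTORY, date(2025, 11, 15), horizon_days=21):
        print(f"{h['status']:9} {h['cve']:16} due {h['due']} "
              f"({h['days_left']:+d}d) hosts={','.join(h['hosts'])}")
```

Run against the real feed, the only change needed is reading the JSON from disk; the substring match is deliberately loose so that a KEV product string such as "Windows" catches every Windows host, which is the safer failure mode for a first pass.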
Originally Published 2 months ago — by CISA (.gov)
CISA has issued an emergency directive requiring federal agencies to inventory, update, and where necessary disconnect vulnerable F5 BIG-IP devices after a nation-state actor compromised F5's source code; the stolen code and vulnerability information could enable exploitation of deployed devices, data exfiltration, and broader network compromise.
CISA disclosed that attackers exploited an unpatched GeoServer vulnerability (CVE-2024-36401) to breach a U.S. federal agency's network, establishing access through web shells and remote-access scripts and moving laterally before they were detected. The agency urges prompt patching, stronger monitoring, and tested incident response procedures to prevent similar intrusions.
Originally Published 3 months ago — by CISA (.gov)
CISA released a cybersecurity advisory sharing lessons learned from its response to a breach at a U.S. federal agency. The intrusion began with exploitation of CVE-2024-36401 in GeoServer; the threat actors gained initial access, established persistence, and moved laterally within the network for roughly three weeks before they were detected. The advisory stresses three points: patch known exploited vulnerabilities immediately, exercise incident response plans rather than just writing them, and collect and retain logs comprehensively enough that an intrusion of this length can be reconstructed and caught earlier.
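The advisory's third lesson, that logs must be kept and actually examined, is easiest to make concrete with a small detector. The script below is an added example and is not code from CISA's advisory or the GeoServer project: it scans web-server access log lines for GeoServer requests whose filter or property-reference parameters carry Java runtime expressions, which is the request shape the public exploits for CVE-2024-36401 used (the vulnerability lets attacker-supplied OGC expressions reach an XPath evaluator that can invoke Java methods). The log lines, the indicator list and the parameter names treated as injectable are constructed assumptions for the example; tune them to the request formats your deployment legitimately accepts.

```python
"""Flag CVE-2024-36401-style GeoServer requests in access logs (added example).

Assumptions (not from the advisory): combined log format, the parameters
listed in INJECTABLE_PARAMS are where user expressions arrive, and the
indicator strings below.  The sample log lines are constructed.
"""
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Combined log format: ip ident user [ts] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Substrings that have no business inside a legitimate OGC filter/value reference.
INDICATORS = ("java.lang.", "getruntime", "exec(", "processbuilder")

# Query parameters GeoServer evaluates as expressions (assumption for this example).
INJECTABLE_PARAMS = {"cql_filter", "filter", "valuereference", "propertyname"}

# Constructed sample: one exploit attempt (line 2) among ordinary traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [11/Jul/2024:09:14:02 +0000] "GET /geoserver/wfs?service=WFS&request=GetCapabilities HTTP/1.1" 200 8123 "-" "QGIS/3.34"',
    '203.0.113.9 - - [11/Jul/2024:09:15:47 +0000] "GET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames=sf:archsites&valueReference=exec%28java.lang.Runtime.getRuntime%28%29%2C%27id%27%29 HTTP/1.1" 400 512 "-" "python-requests/2.31"',
    '10.0.0.7 - - [11/Jul/2024:09:16:10 +0000] "GET /geoserver/wfs?service=WFS&request=GetFeature&typeNames=topp:states&CQL_FILTER=STATE_NAME%3D%27Illinois%27 HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [11/Jul/2024:09:16:11 +0000] "POST /geoserver/wfs HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '10.0.0.8 - - [11/Jul/2024:09:17:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/8.0"',
]


def _decode(value, rounds=2):
    """Undo up to `rounds` layers of URL encoding; attackers double-encode."""
    for _ in range(rounds):
        nxt = unquote_plus(value)
        if nxt == value:
            break
        value = nxt
    return value


def suspicious_geoserver_requests(lines):
    """Return one record per request whose injectable parameter contains an
    indicator.  POST bodies are not in access logs, so a POST to /geoserver/
    with an empty query string cannot be judged here (see line 4 of the
    sample); that gap is exactly why the advisory asks for fuller logging."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if not parts.path.lower().startswith("/geoserver/"):
            continue
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name.lower() not in INJECTABLE_PARAMS:
                continue
            decoded = _decode(value).lower()
            found = [i for i in INDICATORS if i in decoded]
            if found:
                hits.append({"line": n, "client": m["ip"], "time": m["ts"],
                             "status": m["status"], "param": name,
                             "indicators": found, "value": _decode(value)})
    return hits


if __name__ == "__main__":
    for h in suspicious_geoserver_requests(SAMPLE_LOG):
        print(f"line {h['line']}: {h['client']} {h['param']}={h['value']!r} "
              f"indicators={h['indicators']} status={h['status']}")
```

Note that the flagged request on line 2 returned HTTP 400; a failed status does not mean the payload did not execute, so alert on the request shape, not the response code, and pivot from the client address to the rest of that host's traffic.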